package com.link.base.base.user.authority;

import com.link.base.base.user.model.User;
import com.link.base.base.user.service.LoginService;
import com.link.core.util.StringUtils;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Element;

import javax.annotation.Resource;
import javax.xml.soap.SOAPException;
import java.util.List;

/**
 * @author unknown
 * @date unknown
 */
public class AuthorInterceptor extends AbstractPhaseInterceptor<SoapMessage> {

    @Resource
    private LoginService loginService;

    @Resource
    private UserPasswordEncoder userPasswordEncoder;

    private SAAJInInterceptor saa = new SAAJInInterceptor();

    public AuthorInterceptor() {
        super(Phase.PRE_PROTOCOL);
        getAfter().add(SAAJInInterceptor.class.getName());
    }


    @Override
    public void handleMessage(SoapMessage message) throws Fault {
        List<Header> headers = message.getHeaders();
        if (null == headers || headers.size() < 1) {
            throw new Fault(new SOAPException("报文信息有误，请联系系统管理员！CODE：4050"));
        }
        String userName = null;
        String password = null;
        for (Header header : headers) {
            SoapHeader soapHeader = (SoapHeader) header;
            // 取出SOAP的Header元素
            Element element = (Element) soapHeader.getObject();
            if ("linkwsh:UsernameToken".equals(element.getNodeName())) {
                userName = element.getTextContent();
            }
            if ("linkwsh:PasswordText".equals(element.getNodeName())) {
                password = element.getTextContent();
            }
        }


        if (StringUtils.isNull(userName)) {
            SOAPException soapExc = new SOAPException("报文信息有误，请联系系统管理员！CODE：4051");
            throw new Fault(soapExc);
        }
        if (StringUtils.isNull(password)) {
            SOAPException soapExc = new SOAPException("报文信息有误，请联系系统管理员！CODE：4052");
            throw new Fault(soapExc);
        }

        //根据用户名username加载userDetails
        User user = (User) loginService.loadUserByUsername(userName);

        if (userPasswordEncoder.webserviceValid(user.getPassword(), password, user.getCorpid(), user.getUsername())) {
            SOAPException soapExc = new SOAPException("用户名或密码错误，请联系系统管理员！CODE：4053");
            throw new Fault(soapExc);
        }

        //WrappedMessageContext ctx = new WrappedMessageContext(message.getExchange().getInMessage(), Scope.APPLICATION);
        //根据userDetails构建新的Authentication,这里使用了
        //PreAuthenticatedAuthenticationToken当然可以用其他token,如UsernamePasswordAuthenticationToken
       /* PreAuthenticatedAuthenticationToken authentication =
                new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());
        HttpServletRequest request = (HttpServletRequest) ctx.get(WrappedMessageContext.SERVLET_REQUEST);
        //设置authentication中details
        authentication.setDetails(new WebAuthenticationDetails(request));

        //存放authentication到SecurityContextHolder
        SecurityContextHolder.getContext().setAuthentication(authentication);
        HttpSession session = request.getSession(true);
        //在session中存放security context,方便同一个session中控制用户的其他操作
        session.setAttribute("SPRING_SECURITY_CONTEXT", SecurityContextHolder.getContext());*/

    }
}

